The digitally native generation sports an almost insatiable thirst for access to information – be it media, research papers, games, etc. And the more digital devices they logged on into to quench their thirst, the more they became vulnerable to the threat actors. Even the corporate sector comprising of businesses and industries failed to pre-identify, combat reliably the potential backdoors exploited by the cybercriminals to earn leverage. Global losses from cybercrime now total over $1 trillion, a more than 50 percent increase from 2018. But this estimation took shape before the COVID-hit timeline crippled businesses globally and built a new playground for hackers and threat actors.
COVID was a perfect storm, creating the perfect amount of terror, uncertainty, and chaos. In the wake of the pandemic, organizations endured severe data breaches affecting millions of customers; other organizations saw their operations come to a screeching halt due to ransomware attacks. Of all the incidents that took hostage of data and resources, a looming uncertainty – stemming from unprecedented and innovative attack methods – was capsizing growth by wreaking havoc in the business world. By mid-august 2020, more than 172,000 unheard instances of COVID-related fraudulence were reported, costing about $114.4 million worldwide.
Changing cyber-intrusion tactics and the shift to a remote work setting or home-office upholds the necessity to revisit, realign and re-construct the existing security strategies. From tightening the focus on modernizing the connectivity aspects to cementing the deep void between investigative findings (e.g., inability to find the traces of a data exfiltration) and the consequent preventive or regulatory actions (e.g., the exfiltrated data is leaked) – everything needs to be in sync, and proactive.
Cybercriminals gear up through sophistication
As rigorous innovations brought out bespoke flexibility in everyday lives, cybercriminals stood to benefit the most out of it. Long gone were those days when cybercrime used to be a delusional or a serial hacker’s forte or matter of delight. Today, it has turned itself into an organized crime ran by international groups or syndicates, asserting itself into some of the most secured global networks. “Today’s threat actors are very capable, and they are incessantly innovating new ways to encroach control from the business of their own assets. Now, there is another creed that is simply following the innovators. These are serious copiers who are replicating the attack mechanisms so vigorously that it’s gaining them truckloads of money,” details, Raj Samani, McAfee’s Chief Scientist. McAfee is one of the foremost security companies of the world that builds advance defensive stances, leveraging its decades of threat research, product innovation, and practical application. Raj goes on, “what once appeared as Cybercrime-as-a-Service is now an active service economy. It thrives on exploding revenues, complicit buyers, and full-scale democratization of access to networks, cloud storages among people for varied purposes.”
For businesses, migrating to the cloud is no longer a choice but a must-have business necessity. And now with the pandemic expediting modernization at a wildfire speed, companies can no longer bank on episodic periods of strategy and planning for a gradual transition to the cloud. All these companies need is a unified security approach when it comes to equipping a distributed workforce by embracing the cloud. The real catch here is businesses cannot afford to realize security as an afterthought. Surfacing in, McAfee MVISION Device-to-Cloud suites. “MVISION has been designed to help simplify and accelerate cloud transformation and more effectively defend against advanced attacks. With these cloud-based solutions, organizations can better enable a secure, distributed workforce and more quickly reap the advantages of cloud — enhancing agility, lowering costs, and risk,” adds Scott Howitt, Senior Vice President, and Chief Information Officer, McAfee.
‘Modernization’ with MVISION
McAfee’s device-to-cloud (D2C) suites are powered by McAfee’s MVISION insights and endpoint security. Organizations can easily flex opportunities and capabilities as they scale through the offerings. The three D2C suites are all pay-per-play models and companies can reap the benefits as per their requirements. However, at the foundation of these three models lies McAfee’s unique endpoint threat management solution: MVISION Insights. This industry-first solution intelligently drives endpoint security to be more proactive. It does this by prioritizing and predicting attack activity across the globe. It provides guidance using local intelligence as well as intelligence drawn from McAfee’s massive sensor network of more than one billion sensors worldwide.
MVISION Insights significantly eliminates blind spots and increases situational awareness by circulating 360-degree information on the defensive stance before any threats hit. It can proactively track and prioritize local and global threats that are predicted to hit the enterprise.
Scott summarizes the whole MVISION Insights approach into 3-P’s.
Prioritize: Businesses can learn if a campaign is infested with bad actors and has become too malicious for the business. A personalized dashboard will prioritize global telemetry from one billion sensors based on your industry sector and geography.
Predict Personalized automated evaluations of any business’s security posture risks against dangerous campaigns pinpointing potential gaps in their countermeasures.
Prescribe: Enabled to adjust compensating controls with actionable, endpoint threat data to scale as per upcoming necessities.
McAfee Advanced Threat Research
Standing future-proof to incoming threats or dangerous campaigns is essential. But the dreading question is how to assure being ‘future-proof’ is actually building resilience in any business. More so, looking at today’s disruptive cybercriminals and their zeal to penetrate through every possible compromise. This necessitates a proactive and ears-to-the-ground research team that catches every wind in nearly every vertical of threat. “Through our Advanced Threat Research team, we work to identify and illuminate a broad spectrum of threats in today's complex landscape. These researchers are responsible for research in nearly every vertical of threat, including those targeting banking, retail, medical, and other industries,” details Scott. Scanning a global network of endpoint devices, they track down the most appalling vulnerabilities in popular hardware and software. “Our red team incorporates and builds upon the techniques, tactics, and procedures (TTPs) uncovered by our researchers while performing engagements where the robustness of both our products and infrastructure are continuously being tested. And our Operational Intelligence team operates globally around the clock, keeping watch of the latest cyber campaigns and actively tracking the most impactful cyber threats. These findings are fed back into the solutions that ultimately power McAfee's products.”
A vision for the future
Remarkable economic incentives are enticing the cyber perpetrators to target businesses they know or believe will pay. Firstly, they penetrate an organization’s control or data layer, learn its operations, and then ingest their operations. “Cybercrime operates on a promising and simple ROI equation whose solution is a targeted or distributed attack mechanism,” illustrates Raj. The fact that the world has become more digital has also added fuel to this already blazing fire. Also, with the lifting of the air gap between It and OT due to innovation and breaking-the-silos mentality. “What is clear is that 2020 was a challenging year, but as we sift through and start realizing what 2021 has in store, we have to celebrate the good news stories. From initiatives such as “No More Ransom” continuing to tackle ransomware to the unprecedented accessibility of tools that we can all use to protect ourselves,” Raj shines a ray of hope.